lmakarov
commented
6 years ago @ey- I wonder if this covers the use case you had when you submitted #16
Closed lmakarov closed 6 years ago
lmakarov
commented
6 years ago @ey- I wonder if this covers the use case you had when you submitted #16
ey-
commented
6 years ago @lmakarov Yes it does. Only thing I am missing is the https to http redirect but this could/should be handled on the apache level as you wrote in #16.
lmakarov
commented
6 years ago @ey- Good, thanks for confirming. This update should be released with a new version of Docksal (1.10) later this month.
This is a rewrite of the idea originally proposed in #16, though, the implementation is a bit different.
Instead of picking certs up from the project code base, custom certs are expected to be mounted at
/etc/certs/custom(outside of any project's codebase).The latest dev version of
fin(1.63.0+) will automatically mount$HOME/.docksal/certsto/etc/certs/custom.Using custom certs
Mount a folder with certs to
/etc/certs/custom. Certs are looked up by virtual host name.E.g., cert and key for
example.com(or*.example.com) are expected in:Shared certs (SNI) are also supported. Use
io.docksal.cert-namelabel to set the cert name for a container.Example: for
io.docksal.cert-name=sharedthe following cert/key will be used:When multiple domain values are set in
io.docksal.virtual-host, the first one is considered the primary one and used for certificate lookup. You can also always point to a specific cert withio.docksal.cert-name.